CVE-2022-23082: Relative Path Traversal
CureKit versions v1.0.1 through v1.1.3 are vulnerable to path traversal because the function isFileOutsideDir fails to sanitize user input.
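A directory containment check of the kind the name isFileOutsideDir implies, as an added Java example; it is not CureKit's code. The class name, method signature and sample paths are assumptions made for illustration.

```java
import java.nio.file.Path;
import java.nio.file.Paths;

// Hypothetical helper written for this page; not CureKit's implementation.
public class PathContainment {

    // Returns true when candidate, resolved against baseDir, lands outside baseDir.
    // This is a lexical check: it does not follow symlinks. For paths that already
    // exist on disk, Path.toRealPath() can be applied to both sides to cover that case.
    static boolean isFileOutsideDir(String candidate, String baseDir) {
        Path base = Paths.get(baseDir).toAbsolutePath().normalize();
        // resolve() returns candidate unchanged when it is absolute, so an
        // absolute input is compared against base rather than appended to it.
        // normalize() collapses "." and ".." segments before the comparison.
        Path target = base.resolve(candidate).normalize();
        // Path.startsWith compares whole name elements, so a sibling such as
        // /srv/data-old is not mistaken for a child of /srv/data, which a
        // String.startsWith comparison of the two paths would allow.
        return !target.startsWith(base);
    }

    public static void main(String[] args) {
        String base = "/srv/data"; // constructed sample base directory
        String[] samples = {       // constructed sample inputs
            "reports/q1.csv",      // plain relative path under the base
            "a/../../data/b.txt",  // leaves the base and re-enters it
            "../data-old/x.txt",   // sibling directory sharing the base's prefix
            "../../etc/passwd",    // climbs above the base
            "/etc/hosts"           // absolute path
        };
        for (String s : samples) {
            System.out.printf("%-22s outside=%b%n", s, isFileOutsideDir(s, base));
        }
    }
}
```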